Vulnerabilities

CVE-2025-35031

by Fred · 29/09/2025

Medical Informatics Engineering Enterprise Health includes the user’s current session token in debug output. An attacker could convince a user to send this output to the attacker, thus allowing the attacker to impersonate that user. This issue is fixed as of 2025-04-08.

More information : https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/IT/white/2025/va-25-272-01.json

Similar

Tags: Cybersecurity Alert